numerous-umbrella-61726
01/06/2022, 1:20 PMnumerous-umbrella-61726
01/06/2022, 1:23 PMnumerous-umbrella-61726
01/06/2022, 1:25 PMclean-hamburger-91078
01/10/2022, 8:50 AMnumerous-umbrella-61726
01/10/2022, 10:17 AMgentle-bird-90474
05/14/2022, 6:42 AMgentle-bird-90474
05/14/2022, 6:44 AMgentle-bird-90474
05/14/2022, 7:03 AMid_token
mutator when trying to anonymously access the resource, the mutator will throw an error:
error executing claims template in rule "my-protected-resource": template: 17f927a7349643c00f29237db1327131:1:79: executing "17f927a7349643c00f29237db1327131" at <.Extra.identity.traits.email>: nil pointer evaluating interface {}.traits reason= request-id= status=500 writer=JSON
config.yaml
mutators:
# ...
id_token:
enabled: true
config:
issuer_url: <http://localhost:4455/>
jwks_url: file:///cfg/jwks.json
claims: '{
"aud": [ "<https://project-holi.org/services/okuna/api>" ],
"email": "{{ .Extra.identity.traits.email }}"
}'
rules.yaml
- id: my-protected-resource
version: v0.38.25-beta.1
upstream:
url: <http://host.docker.internal:8000/>
match:
url: http://<127.0.0.1|localhost>:4455/<.*>
methods:
- GET
authenticators:
- handler: cookie_session
- handler: bearer_token
- handler: anonymous
authorizer:
handler: allow
mutators:
- handler: id_token
gentle-bird-90474
05/14/2022, 7:56 PMnumerous-umbrella-61726
05/17/2022, 9:48 AMnumerous-umbrella-61726
05/17/2022, 9:49 AMgentle-bird-90474
05/17/2022, 2:56 PMmy solution was to change my underlying service code to check for an empty subject rather than a completely empty auth header, so not ideal but worked well enough for nowYeah, that was what I did too for now, thanks